NSA's Response To Snowden Leaks Isn't To Stop Spying, But To Make It More Difficult To Blow The Whistle

from the wrong-lesson dept

In response to the revelations, via Ed Snowden, that the NSA's surveillance apparatus is sweeping up a lot more information on the public than most people realized, you might think that the proper response would be to stop collecting so much information. But, of course, the NSA's actual response is to try to make it more difficult for the next Ed Snowden to leak information by instituting a "two-person rule" for accessing information.

The director of the N.S.A., Gen. Keith B. Alexander, acknowledged the problem in a television interview on Sunday and said his agency would institute “a two-man rule” that would limit the ability of each of its 1,000 system administrators to gain unfettered access to the entire system. The rule, which would require a second check on each attempt to access sensitive information, is already in place in some intelligence agencies. It is a concept borrowed from the field of cryptography, where, in effect, two sets of keys are required to unlock a safe.

From government agencies to corporate America, there is a renewed emphasis on thwarting the rogue I.T. employee. Such in-house breaches are relatively rare, but the N.S.A. leaks have prompted assessments of the best precautions businesses and government can take, from added checks and balances to increased scrutiny during hiring.

Basically: we won't fix the actual problem, we'll just makes sure it's much more difficult for the next whistleblower to expose us. That's not particularly comforting.

This *does* mitigate one data-misuse scenario...

...namely, a rogue employee misusing their access to the data for nefarious purposes. Now they won't be able to do that without the other guy that's looking over their shoulder asking "why are you searching for your ex's name instead of for Osama bin Laden?" or something like that.

Snowden did more than "blow the whistle"

Releasing the Verizon FISA court order was truly beneficial, and that information should have been public. Ever since it's been downhill. Releasing details on what foreign computers (down to the IP address) the NSA is spying upon serves zero benefit to the public. To cheerlead every action taken by Snowden up to this point (never mind the far more damaging material that's encrypted for the moment) is simply to declare that the US should have no covert operations.

Characterizing Snowden as a whistleblower at this point is like characterizing Hurricane Katrina as a rainy day.

Re: Snowden did more than "blow the whistle"

Releasing details on what foreign computers (down to the IP address) the NSA is spying upon serves zero benefit to the public.

Well, it does help the public know which servers to avoid. That's a benefit. This sort of stuff can be very useful for the public to know. Also, it might not, in which case it's collateral damage. The US government deems similar collateral damage acceptable when it comes to spying on us. Fair's fair.

To cheerlead every action taken by Snowden up to this point (never mind the far more damaging material that's encrypted for the moment) is simply to declare that the US should have no covert operations.

Not even close. It's to declare that they way covert operations are currently being done is unacceptable.

Re: Re: Re:

It's not "Gathering intelligence on other Nations hostile to the U.S." that has caused the outrage. It is "Gathering absolutely everything that looks maybe like it might be 50% foreign in origin and demanding unrestricted access to pretty much everything ever. And then storing it all for god knows how long."

so, rather than stop the spying or even come clean on what is going on, who is involved and what info is being gleaned from where, they just want 'business as usual' and everyone to forget the incident and allow it to continue? the best thing would be to dissolve all these 'agencies' and let things take their course. how can anyone honestly believe that spying on everyone everywhere is going to be the answer to all our problems? humans are one of the worst of the Earth's inhabitants. we are war-like, selfish, untrustworthy killers! we will never change! it is part of who/what we are! the only time we will change, if then, is when we are almost over the brink, just as in the Keanu Reeves film 'The Day the Earth Stood Still'. i hope we never gety to that point and can mold our future better than we managed our past. if not, we may as well pack up now because i doubt if anyone is gonna want to spend their life waiting for the next ridiculous 'scandal' to break!!

Re: Rotation

That would be the only reasonable way to do it to avoid conspiracies. Actually this is a change for the better. For the wrong reasons, targeted at the wrong people and with limited effect. But babysteps.

Caring about security sounds like a good idea for a secret service. Wonder who got that idea? Must be a professor or somn.

Re: Snowden did more than "blow the whistle"

Characterizing Snowden as a whistleblower at this point is like characterizing Hurricane Katrina as a rainy day.

Accurate enough, certainly based on the evolving scope of what this particular whistle-blower brought with him.

However consider this.

You seem to be making the case that Snowden may be a traitor or a criminal because he scooped up a whole bunch of sensitive *international spying activity logs as well as domestic.

There's a problem with that conjecture when measured.

First of all, there's now no doubt the NSA was spying illegally (at least illegal based on published, non-secret laws) on Americans.

This activity runs into direct conflict with one of our core "enshrined" amendments... you know the ones that, by law, aren't supposed to be superceded by subsequent laws.

A government wantonly breaking its own laws represents a manifest betrayal of trust with the people it is bound to serve. I would say that universally violating the 4th amendment rights of every American could be called a 'wanton' act.

A patriot (and I mean a true patriot, not John McCain or a missile program) stands by his countrymen first, then their lawful government. History informs us the patriot must look first to holding his own government to task in order to serve his people.

Having discovered NSA's transgressions against their own people, but not knowing what else may be going on, a patriot would have no choice but to cast the entire operation under suspicion.

After all, knowing what they are doing to their own people... just what are the NSA people doing to humans around the world?

A true patriot does not crave bloodshed, and would not let unscrupulous people lead his countrymen to war.

The NSA is now suspect for blatantly violating our laws and needs to go under the microscope for our national security. The rest of the government is suspect for supporting them.

Sysadmins

A sysadmin's job is to run the system, fix problems, address security issues and generally maintain the system itself. In order to do that job they have to have the access to do the task. If you don't give them access they can't do the job. If you don't have a sysadmin you can trust with access you don't have a sysadmin at all and the system will fall apart because no one is maintaining it. Effectively that will end these programs. They will fall apart on their own.

Re: Re: Sysadmins

They just need access to the system itself.

I think you're assuming the admin knows no more than the 'standard' admin. It's a fine line and a short walk between system admin level access and read access to any reachable object. Sure you can partition the system, trigger alarms and make things generally harder, but there is nothing that cannot be broken with access to "the machine".

Re: Re: Re: Re: Re: Sysadmins

Re: Re: Re: Re: Re: Re: Sysadmins

Sure the system admin that maintains the OS doesn't have to be given access to that, although he certainly can keep it from working if so desired. Still the admin that maintains the system that does the decryption does have to have access to that, otherwise how is he going to know if it is working properly or is having a problem that needs to be addressed? How do you know if he can be trusted?

Feynman effect

This reminds me of one of the Feynman stories from the time he was working for the Manhattan Project. As a sort of prank-hobby, he found a way to discover safe combinations, which was relatively easy when you had a chance to temper with an open safe for a couple of minutes. He demonstrated it to some high-ranking officer in charge of one of the Uranium production facilities, and explained how it's done, recommending that all the employees should always lock their safes and never leave them open unattended. The response of the officer on the other hand was to tell all the employees who had any contact with Feynman to change their safe combinations. He learned about it during his next visit to that facility, when people started avoiding him.

I guess there is something peculiar about a government agent's mentality which makes those people defy common sense.

Re: Re: Re: Re: Re: Re: Re: Sysadmins

Still the admin that maintains the system that does the decryption does have to have access to that, otherwise how is he going to know if it is working properly or is having a problem that needs to be addressed?

Having access to the decryption system doesn't mean that he has the ability to decrypt sensitive materials. He'd need the encryption key for those materials to do that.

For admin purposes, the testing can be adequately accomplished by the admin encrypting and decrypting files that he's supplied himself.

Re: They don't see the same problem

They don't WANT to see the same problem and THAT is part of the problem. They are classically self-delusional. They pretend information isn't public when it is. They pretend it's just about security when it's not. They pretend that he is the one who did something wrong and not them. They keep telling themselves these things over and over again hoping that they can convince people to believe them just like they are telling themselves over and over again in an attempt to convince themselves. It is so pathetic that it hurts to watch.

Re: Re: Re: Re: Re: Re: Re: Re: Sysadmins

But he still never really knows whether the actual data will be able to be decrypted or not, and when command comes down and says "We need this info now! It's not working! You are the guy who is supposed to keep this running! Just fix it NOW!"

Yeah, showing them that you can decrypt hypothetical files with the same system is really going to make them feel better.

making it more difficult for their wrong doings to be found out and reported instead of stopping doing wrong shows how warped those in charge really are. how the hell did things degrade to this level? how were things allowed to degrade to this level? who is really pulling the strings and why in such a manner as to paint all of the people as criminals and terrorists? if those concerned dont trust anyone here anymore, the best bet is to leave and live somewhere else, isn't it?

Re: Re: Re: Re: Re: Re: Re: Re: Re: Sysadmins

If the problem cannot be demonstrated with sample data, then there is nothing the sysadmin can do about it anyway (the problem is almost certainly going to be corrupted data). Having access to the sensitive data won't help him resolve the problem, other than to say "yup, it doesn't work".

However, if there's some PHB who doesn't understand that, then the PHB can certainly give the sysadmin the necessary credentials for the specific data there's a problem with. There's still no need for the sysadmin to have blanket access.

Re: Re: Re:

"Really? Gathering intelligence on other nations hostile to the U.S. is now 'disrespectful'?"

Except they're not, not exclusively anyway. They're spying on all communications within our country. Clearly the government is ultra-paranoid and thinks of us as the enemy. The NSA has to find people without honor or respect for their fellow countrymen to willfully violate our rights.

Re: Re: Re:

Enemies? You would think we have been invaded by an evil entity trying to kill us and change our values......oh wait; that's the United State I'm talking about. If we were occupied as much as we occupy foreign soil, there would be alien military bases in every state in the US. China has zero military installations outside of it's own borders, and just built it's first aircraft carrier. WAKE UP PEOPLE.....we are the aggressor to people that think differently than us. Obama said we are not at war with Islam, but every conflict in the last few decades have been in Islamic countries fighting Muslims.

Re: Snowden did more than

Except that we the U. S. have long cried foul on China for digital espionage and surveillance on foreign nations. Either we bolster foreign hacking or abandon it. However, should we choose the former, in observance of the modernity of criminal justice in its prosecution of digital crimes, then the United States must answer for its foreign espionage being, as it has been since it's inception, criminal, disconstitutional, dishonorable, and of poor example to the peoples and sovereign nations of the world.

Re: Snowden did more than

Except that we the U. S. have long cried foul on China for digital espionage and surveillance on foreign nations. Either we bolster foreign hacking or abandon it. However, should we choose the former, in observance of the modernity of criminal justice in its prosecution of digital crimes, then the United States must answer for its foreign espionage being, as it has been since it's inception, criminal, disconstitutional, dishonorable, and of poor example to the peoples and sovereign nations of the world.

us empire

The only nation who is hostile us the US period! Every where the US has been is to take over resources, put in a dicator to favor the US & place massive debt on the country period! Who the fuck are you & all these fucktards trying to kid & try to change that the US is the victum here? What fucking intelligance its called braeking the laws & rights & hypocriticaly always trying to stand for justice & freedom! Bullshit!